Skip to main content

Overview

List members of specific collections to understand deployment targets and organizational groupings. This command reveals which devices or users belong to collections, providing insight into administrative structure and deployment patterns.

Syntax

SharpSCCM get collection-members [options]

Parameters

sms-provider
string
The IP address, FQDN, or NetBIOS name of the SMS Provider to connect to
site-code
string
The three-character site code (e.g., “PS1”)
collection-name
string
Filter by collection name (supports partial matching)
collection-id
string
Filter by specific collection ID (e.g., “SMS00001”)
device
string
Find collections containing specific device
properties
string
Specify properties to retrieve (can be used multiple times)
where-condition
string
Custom WQL WHERE clause for advanced filtering
count
boolean
Return count of results only
verbose
boolean
Display all member properties

Examples

# Get members by collection name
SharpSCCM get collection-members -n "All Systems" -sms SCCM01.corp.local -sc PS1

# Get members by collection ID
SharpSCCM get collection-members -i "SMS00001" -sms SCCM01.corp.local -sc PS1

Key Properties

PropertyDescriptionUse Case
NameMember namePrimary identifier
ResourceIDUnique identifierCross-referencing
IsClientSCCM client statusManagement verification
DomainActive Directory domainDomain analysis
CollectionIDParent collectionCollection mapping
IsActiveMember activity statusActive member filtering
ResourceTypeResource typeDevice vs user distinction

Required Permissions

SMS Admins local group membership on the SMS Provider server

Collection Intelligence

Device Collections:
  • Workstations, servers, and specialized systems
  • Administrative and infrastructure systems
  • Department or location-based groupings
User Collections:
  • Administrative users and service accounts
  • Department or role-based groupings
  • Application access groups
Administrative Boundaries:
  • High-privilege collections (admin workstations, servers)
  • Department-specific collections
  • Geographic or site-based collections
Deployment Targets:
  • Application deployment targets
  • Security update deployment groups
  • Operating system deployment collections

Strategic Analysis

Administrative Collections:
# Find admin-related collections
SharpSCCM get collection-members -n "admin" -sms SCCM01.corp.local -sc PS1
SharpSCCM get collection-members -n "server" -sms SCCM01.corp.local -sc PS1
Infrastructure Collections:
# Critical infrastructure
SharpSCCM get collection-members -n "DC" -sms SCCM01.corp.local -sc PS1
SharpSCCM get collection-members -n "SQL" -sms SCCM01.corp.local -sc PS1
Target Identification:
  • Members of administrative collections
  • High-value systems and users
  • Critical infrastructure components
Lateral Movement:
  • Device relationships and groupings
  • Administrative access patterns
  • Cross-collection membership analysis

Common Queries

IsActive = True

Use Cases

High-Value Targets:
  • Admin workstations and servers
  • Domain controllers and infrastructure
  • Systems with privileged user access
Deployment Analysis:
  • Understanding deployment scopes
  • Identifying deployment targets
  • Analyzing organizational structure
System Relationships:
  • Collections reveal system groupings
  • Administrative boundaries and access
  • Potential lateral movement paths
Privilege Escalation:
  • Administrative collection membership
  • High-privilege system identification
  • Service account usage patterns

Output Analysis

Collection Size:
  • Large collections (100+): Broad deployment targets
  • Medium collections (10-100): Departmental or functional groups
  • Small collections (1-10): Specialized or test groups
Member Types:
  • Mixed collections: Both devices and users
  • Device-only collections: System management
  • User-only collections: Policy assignment